Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
SalesagilitySuitecrm

5 matches found

CVE
CVEadded 2020/02/13 4:15 p.m.51 views

CVE-2020-8800

SuiteCRM through 7.11.11 allows EmailsControllerActionGetFromFields PHP Object Injection.

8.8CVSS8.7AI score0.00488EPSS
CVE
CVEadded 2020/02/13 4:15 p.m.50 views

CVE-2020-8803

SuiteCRM through 7.11.11 allows Directory Traversal to include arbitrary .php files within the webroot via add_to_prospect_list.

9.8CVSS9.4AI score0.0096EPSS
CVE
CVEadded 2020/02/13 4:15 p.m.47 views

CVE-2020-8804

SuiteCRM through 7.11.10 allows SQL Injection via the SOAP API, the EmailUIAjax interface, or the MailMerge module.

6.5CVSS7AI score0.00354EPSS
CVE
CVEadded 2020/02/13 4:15 p.m.44 views

CVE-2020-8801

SuiteCRM through 7.11.11 allows PHAR Deserialization.

7.2CVSS6.9AI score0.00476EPSS
CVE
CVEadded 2020/02/13 4:15 p.m.41 views

CVE-2020-8802

SuiteCRM through 7.11.11 has Incorrect Access Control via action_saveHTMLField Bean Manipulation.

9.8CVSS9.5AI score0.005EPSS